Safeguarding Your Personal Data: POODLE

At Auto Credit Express we take protecting your information from online vulnerabilities like Heartbleed very seriously. Now, Google has recently announced another yet vulnerability people are calling POODLE. Here is what we are doing to protect your data, and some information about how you can protect yourself.

What is POODLE?

When a web browser securely communicates with a web server, the two go through a handshake process where they decide how to talk to one another. One of the protocols for secure communication is called Secure Sockets Layer (SSL). SSL was developed by Netscape back in the 90’s and has since been superseded by Transport Layer Security (TLS). However SSL is still in widespread use even though the latest version, SSLv3, was developed nearly 20 years ago.
On October 14, Google publicized the POODLE security flaw in SSLv3. This flaw gives an attacker the ability to decrypt the otherwise safe information shared between the previously mentioned client (your web browser) and server (the sites you visit), potentially exposing your private information, login credentials, etc.

At Auto Credit Express we work with thousands of peoples personal information daily, so we immediately took the initiative to disable the use of the SSL protocol on our site. Now, when you go to our website, our server tells your web browser that SSL support is no longer available, and and your connection will switch to TLS instead automatically keeping your data secure from POODLE.
Defending Yourself From POODLE

While we can keep you safe from POODLE when you are accessing our site, your data can still be at risk when visiting the rest of the web. To guarantee your security across all websites, even those that still support SSLv3, you have to explicitly disable the protocol in your browser. While this will require some work on your part, the recent rise of identity theft makes this time well spent.
    First, this link will give you instructions on how to disable SSLv3 in your browsers.
    Second, you can test if your browser is vulnerable by using a tool called POODLE Test.
    Third, you can check which websites you visit are still vulnerable to POODLE before you give them your information by using POODLE Scan.
    Lastly, you can further educate yourself on POODLE with this link from Mozilla that discusses the topic at a fairly high level.

Your personal information and security is very important to us. We hope you use this information to safeguard your browsing experience wherever you choose to digitally roam.